| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Jan 2019 00:51:39 +0800
From: joeyli <jlee@...e.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: Pavel Machek <pavel@....cz>,
"Lee, Chun-Yi" <joeyli.kernel@...il.com>,
"Rafael J . Wysocki" <rjw@...ysocki.net>,
LKML <linux-kernel@...r.kernel.org>, linux-pm@...r.kernel.org,
keyrings@...r.kernel.org,
"Rafael J. Wysocki" <rafael.j.wysocki@...el.com>,
Chen Yu <yu.c.chen@...el.com>,
Oliver Neukum <oneukum@...e.com>,
Ryan Chen <yu.chen.surf@...il.com>,
David Howells <dhowells@...hat.com>,
Giovanni Gherdovich <ggherdovich@...e.cz>,
Randy Dunlap <rdunlap@...radead.org>,
Jann Horn <jannh@...gle.com>
Subject: Re: [PATCH 0/5 v2][RFC] Encryption and authentication for hibernate
snapshot image
On Thu, Jan 10, 2019 at 12:39:58AM +0800, joeyli wrote:
> Hi Andy,
>
[...snip]
>
> Let's why I encrypt/decrypt data pages one by one, then I copy the
^^^^^^^ That's why
> encrypt/decrypt data from buffer page (only one buffer page reserved
> for encrypt/decrypt) to original page. I encreypt pages one by one, but
> I HMAC and verify the whole snapshot image by update mode.
>
[...snip]
>
> > Why are you manually supporting three different key types? Can’t you
> > just somehow support all key types? And shouldn’t you be verifying
>
> I only supported two key typs in my patch set, user defined key and
> TPM trusted key. The EFI secure boot did not accept by EFI subsystem.
^^^^^^^^^^^^^^^^^^^ EFI secure key
https://lkml.org/lkml/2018/8/5/10
Sorry for I produced too many typo when feeling sleepy...
Thanks a lot!
Joey Lee
Powered by blists - more mailing lists